In the wake of the terrorist attacks in September 2001, President Bush signed into law, on October 26, 2001, the International Money Laundering Abatement and Anti-Terrorist Financing Act of 2001, which was enacted as Title III of the anti-terrorism legislation entitled Uniting and Strengthening America by Providing
Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (the “USA Patriot Act” or “Act”).

The Act included a number of measures designed to enhance the detection and prevention of money laundering and terrorist financing. The USA PATRIOT Act’s anti-money laundering (“AML”) provisions principally amended the Bank Secrecy Act (“BSA”) (31 U.S.C. § 5311 et. seq.), which is the principal U.S. AML legislation. Title III of the USA PATRIOT Act is implemented largely through regulations issued by the U.S. Department of the Treasury (“Treasury”) through its Financial Crimes Enforcement Network (“FinCEN”).

Some of the most substantive effects of the USA PATRIOT Act relate to whether and how U.S. financial institutions, in particular U.S. banks (including U.S. branches and agencies of non- U.S. banks) and securities broker-dealers, may provide services to non-U.S. financial institutions. Various provisions of the Act impose restrictions and requirements on “correspondent accounts” for non-U.S. banks. Treasury’s regulations define correspondent account so broadly that nearly any financial relationship with a non-U.S. bank is covered. Under Treasury’s regulations relating to certifications for correspondent accounts (see below), a “correspondent account” is an account (i.e., any formal banking or business relationship established to provide regular services, dealings, and other financial transactions) established for a non-U.S. bank to receive deposits from, to make payments or other disbursements on behalf of, or to handle other financial transactions related to the non-U.S. bank.

Section 313 of the Act prohibits a U.S. financial institution from providing correspondent banking services to a non-U.S. bank that does not have a physical presence in any country (“foreign shell bank”) (1) The Act does not prohibit a U.S. financial institution from providing a correspondent account to a foreign shell bank that (i) is an affiliate of a depository institution, credit union, or non- U.S. bank that maintains a physical presence in the United States or other country and (ii) is subject to supervision by the regulator of the affiliated financial institution. In addition, a U.S. financial institution must take reasonable steps to ensure that a correspondent account for any non-U.S. bank is not being used by that non-U.S. bank to provide banking services indirectly to a foreign shell bank.

The Act expanded the U.S. government’s authority to seize funds in connection with the prosecution of certain crimes. In this regard, section 319 of the Act
effectively deems funds deposited abroad in a non-U.S. institution to have been deposited in that institution’s “interbank account” with a U.S. financial institution. (2) It authorizes the U.S. government to seize such funds in the U.S. account, regardless of whether the funds ever resided in the U.S. account. Thus, if a person’s funds were subject to forfeiture and those funds were maintained offshore with a non-U.S. bank, the U.S. government could seize an amount equal to those funds from the non-U.S. bank’s U.S. interbank or correspondent account. The Act provides a process under which the owner of the funds may contest the forfeiture by initiating a proceeding in a U.S. court. The Attorney General may suspend or terminate forfeiture if the Attorney General determines that a conflict of law exists between U.S. and foreign law and the suspension or termination would be just and would not harm the U.S. national interest.
In part to facilitate the forfeiture provisions, Section 319 of the Act also requires U.S. financial institutions (including the U.S. branches and agencies of non-U.S. banks) that maintain correspondent bank accounts in the United States for any non-U.S. bank (including an affiliated non- U.S. bank) to maintain records that (i) identify the owners of the non-U.S. bank and (ii) the name and address of a person who resides in the United States and is authorized to accept service of process in the United States for the non-U.S. bank.

The Act also authorizes the Attorney General to issue a subpoena to a non-U.S. bank to request records related to the correspondent account, including records that are maintained outside of the United States relating to the deposit of funds in the non-U.S. bank. If the non-U.S. bank fails to provide the information, the Secretary of the Treasury (the “Secretary”) or the Attorney General could require a U.S. financial institution to terminate a correspondent bank account with that non- U.S. bank. The Act also provides U.S. financial institutions a safe harbor from liability for terminating a U.S. correspondent account of a non-U.S. bank upon the request of the Secretary or Attorney General. Regulations concerning this process have been promulgated by Treasury. (3)

Treasury has promulgated regulations that require U.S. depository institutions (e.g., banks, thrifts, credit unions, U.S. branches and agencies of non-U.S. banks) and U.S. securities brokerdealers registered or required to be registered with the Securities and Exchange Commission (“SEC”) (collectively “Covered Financial Institutions”) to obtain certifications from non-U.S. banks for which they establish correspondent accounts. (4) For the certification process, a U.S. branch or agency of a non-U.S. bank is a Covered Financial Institution and a non-U.S. office (e.g., branch) of a U.S. bank is a non-U.S. bank. The certification is designed to both:

require the non-U.S. bank to certify that it is not a foreign shell bank and that it will not use the correspondent account to provide services to a foreign shell bank (Section I.A above); and

obtain ownership information about the non-U.S. respondent bank and the address and name of a U.S. agent for service of process (Section I.B.2 above).

For accounts opened after October 28, 2002, certifications must be obtained within 30 days. Covered Financial Institutions must also obtain updated “recertifications” every three years. Specific ownership information is not required if the non-U.S. bank is publicly traded or files a Form FR Y-7 with the Board of Governors of the Federal Reserve System (“FRB”) pursuant to its status as a foreign banking organization with a branch or agency in the United States.
Certifications, and recertifications, can be provided by non-U.S. banks through a variety of means including on a webpage over the internet. If a non-U.S. bank does not provide a certification, or recertification, within the required timeframe, the Covered Financial Institution must take steps to terminate the relationship within a commercially reasonable time.

Section 312 of the Act requires U.S. financial institutions to adopt specific due diligence procedures for correspondent accounts for non-U.S. financial institutions and for private banking accounts for non-U.S. persons. Such procedures should be “reasonably designed” to detect and report money laundering through those accounts. In addition, the Act required the Secretary, in consultation with the appropriate Federal regulators of the affected financial institutions, to further define and clarify by regulations the due diligence requirements within 180 days of enactment Section 312 of the Act applies to both new and existing accounts. The effective date for this provision was 270 days after enactment regardless of whether the Secretary had promulgated the required regulations.

A U.S. financial institution that opens or maintains a correspondent account for a non-U.S. financial institution must conduct due diligence with respect to that non-U.S. financial institution. Moreover, a U.S. financial institution that opens or maintains a correspondent account for a “highrisk” non-U.S. bank -- a non-U.S. bank operating (i) under an offshore banking license (5) or (ii) under a license issued by a country that is either designated by the Secretary to be a “primary money laundering concern” or has been designated as non-cooperative with international anti-money laundering principles or procedures by an intergovernmental group or organization of which the United States is a member (e.g., the Financial Action Task Force (“FATF”) on Money Laundering), with which designation the U.S. representative to the group or organization concurs -- must perform certain additional enhanced due diligence with respect to that non-U.S. bank. At a minimum, such enhanced due diligence policies, procedures, and controls must ensure that the U.S. financial institutions take “reasonable steps” (i) to ascertain, for any such non-U.S. bank the shares of which are not publicly traded, the identity of each of the owners of the non-U.S. bank, and the nature and extent of the ownership interest of each owner; (ii) to conduct “enhanced scrutiny” of the account and report any suspicious transactions; and (iii) to ascertain whether any such non-U.S. respondent bank itself provides correspondent accounts to other non-U.S. banks, and, if so, identify those banks and gather related due diligence information.

In May 2002, Treasury proposed regulations that would require a broad range of U.S. financial institutions (e.g., depository institutions, securities broker-dealers, futures commission merchants, commodity introducing brokers, mutual funds, money service businesses, casinos) to establish policies and procedures to conduct due diligence with respect to correspondent accounts established for non-U.S. financial institutions (which would include a much broader range of financial institutions than banks) (6) To date, Treasury has not adopted a final rule. However, in order to comply with the 270 day statutory deadline, Treasury adopted interim final rules that require U.S. banks (e.g., banks, thrifts, credit unions, U.S. branches and agencies of non-U.S. banks) to conduct due diligence with respect to correspondent accounts opened for non-U.S. financial institutions in accordance with section 312 of the Act. (7)

The adopting release for the interim final rule indicated that Treasury would expect U.S. banks to concentrate efforts on accounts opened after July 23, 2002 (the 270 day deadline), non-U.S. banks and high-risk non-U.S. financial institutions such as money transmitters. Treasury also indicated that U.S. banks should follow industry best practices such as the guidance issued by the New York Clearing House Association LLC. (8) Compliance by other U.S. financial institutions is currently deferred. (9)

Section 312 of the Act requires certain U.S. financial institutions that open or maintain a “private banking account” for, or on behalf of, any non-U.S. person to comply with certain minimum due diligence standards. (10)

The institution must take reasonable steps to (i) obtain sufficient information about the identity of the nominal and beneficial owners of, and source of funds deposited into, a private banking account for any non-U.S. person; and (ii) conduct “enhanced scrutiny” of any such account that involves “senior foreign political officials,” their immediate family, or their close associates, that is reasonably designed to detect and report transactions that may involve proceeds of foreign corruption.

In May 2002, Treasury proposed regulations that would require a broad range of U.S. financial institutions (e.g., banks, securities broker-dealers, futures commission merchants, commodity introducing brokers, mutual funds) to establish policies and procedures to conduct due diligence with respect to private banking accounts established for non-U.S. customers. (11) To date, Treasury has not adopted the proposal as a final rule.

In order to comply with the 270 day statutory deadline, Treasury adopted interim final rules that require U.S. banks (including U.S. branches and agencies of non-U.S. banks), securities brokersdealers registered with, or required to register with, the SEC and futures commission merchants or introducing brokers registered with the Commodity Futures Trading Commission (“CFTC”) to conduct due diligence on private banking accounts established for non-U.S. persons consistent with section 312 of the Act. (12) Treasury indicated that institutions should follow available best practices and regulatory guidance such as the FRB’s guidance on “Private banking Activities. (13) Compliance with the private banking due diligence requirements by other U.S. financial institutions is currently deferred. (14)

Section 311 of the Act permits the Secretary, in consultation with the Secretary of State and the Attorney General, to determine that reasonable grounds exist for concluding that a foreign jurisdiction, a non-U.S. financial institution, or a class of transactions is of “primary money laundering concern.” In making such a finding, the Secretary is required to consider a number of specific factors such as, for example, the extent and nature of a jurisdiction’s money laundering laws and regulations.

Once a jurisdiction, non-U.S. financial institution or class of transactions has been deemed to be of primary money laundering concern, the Secretary, subject to consultation with appropriate Federal financial services regulators and the Secretary of State, can impose so-called “special measures” on a U.S. financial institution that is involved with that foreign jurisdiction, non-U.S. financial institution, or class of transactions. The Secretary may impose the “special measures” by regulation, order, or as otherwise permitted by law. If a special measure is imposed by order, it must be issued together with a notice of proposed rulemaking relating to the imposition of the special measure. Such orders may not remain in effect for longer than 120 days unless a rule is promulgated on or before the end of the 120-day period.
The Secretary must conduct a cost-benefit analysis based on a number of specific factors before imposing any special measures. The special measures may include:

U.S. financial institutions may be required to maintain records or reports that: (i) identify the participants in transactions, including the originator of any funds transfer; (ii) identify the legal capacity of transaction participants;
(iii) identify the beneficial owner of the funds involved, in accordance with such procedures as the Secretary determines to be “reasonable and practicable to obtain;” and (iv) describe the transaction.

U.S. financial institutions may be required to take steps to obtain and retain information concerning the beneficial ownership of any U.S. account opened by a non-U.S. person (other than a publicly traded foreign entity) or representative of a non-U.S. person. Before imposing this special measure, the Secretary must promulgate regulations that define “beneficial ownership” of an account and address issues related to an individual’s material interest in and authority to transact business through the account.

U.S. financial institutions may be required to identify the customers who use these accounts and obtain information concerning them that is substantially comparable to that which is obtained in the ordinary course of business with respect to U.S. customers. (15)

Secretary may prohibit completely or impose certain conditions on a U.S. financial institution’s opening or maintaining any correspondent or payable-through account that involves any designated jurisdiction, financial institution, or class of transactions.

To date, the Secretary has taken steps to impose the fourth special measure (prohibiting establishment of correspondent accounts) on certain U.S. financial institutions (e.g., banks, securities broker-dealers, futures commission merchants, mutual funds) with respect to a number of jurisdictions and institutions.

Section 352 of the Act requires U.S. financial institutions to develop anti-money laundering programs including at a minimum (i) the development of internal policies, procedures, and controls; (ii) the designation of a compliance officer with respect to AML issues; (iii) an ongoing employee training program; and (iv) an independent audit function to test the effectiveness of AML programs. Under applicable supervisory policies, U.S. banks and U.S. branches and agencies of non-U.S. banks were already required to have anti-money laundering programs in place.

FinCEN has adopted regulations that either require a financial institution to comply or provide an exemption. Currently, a financial institution that is regulated by a federal functional regulator or self-regulatory organization (SRO) (e.g., a bank, securities broker-dealer, futures commission merchant or commodity introducing broker) is considered to be in compliance if it complies with the AML program requirements of its regulator. (16) Other financial institutions that are Footnote continued from previous page currently subject to AML program regulations include money service businesses; (17) mutual funds; (18) operators of credit card systems; (19) and dealers of precious metals, precious stones, or jewels (20) In May 2006, certain life and annuity insurance companies will also be required to implement AML programs (21) Finally, proposals, or advance notices of proposals, have been published with respect to investment advisers, commodity trading advisers, persons engaged in real estate closings, travel agents, unregistered investment companies, and persons involved in vehicle sales.

Although financial institutions subject to SAR requirements have been subject to informal “know your customer” requirements necessary to recognize suspicious activities, section 326 of the Act required the Secretary to prescribe (jointly with each Federal functional regulator) regulations setting forth formal minimum standards for verifying the identity of customers opening an account at a financial institution.

The regulations require financial institutions to implement a risk-based “Customer Identification Program” or “CIP” that is reasonably designed to enable the institution to know the true identity of its customers.

In May 2002, FinCEN adopted, jointly with the relevant federal functional regulators, regulations that require certain financial institutions to (1) collect minimum identifying information about new customers opening an account including name, address, date of birth and taxpayer or other identification number; (2) use that collected information to verify the identity of the customer through documentary means, nondocumentary means or both; (3) notify the customer that the information is being collected to verify the customer’s identity and to comply with AML requirements; (4) check the customer against any governmental lists of known or suspected terrorists (no such lists have yet been developed for this purpose); and (5) maintain records relating to the customer’s identity. The CIP generally applies to “new” customers, i.e., customers opening accounts after September 30, 2003, unless the financial institution does not have a reasonable belief that it knows the true identity of the existing customer. A financial institution may rely on another financial institution to perform its CIP so long as that other financial institution is also required to conduct CIP and it has contractually obligated itself to perform the CIP. A financial institution may also conduct its CIP through an agent (such as a mortgage broker) but the financial institution remains liable for the CIP requirement.
Regulations have been adopted to require U.S. depository institutions (e.g., banks, savings associations, credit unions, U.S. branches and agencies of non-U.S. banks), (22) securities brokerdealers, (23) futures commission merchants and introducing brokers, (24) and registered investment companies (or “mutual funds”) (25) to establish Customer Identification Programs.

As a result of the Act, additional U.S. financial institutions became subject to suspicious activity reporting requirements. As required by section 356 of the Act, the Secretary, in consultation with the FRB and the SEC, has adopted regulations requiring U.S. securities broker-dealers to file SARs. (26) FinCEN has adopted rules that require futures commission merchants and futures introducing brokers to file SARs. (27) These securities and commodities financial institutions must file reports on a new Form SAR-SF. In addition, beginning in May 2006, certain life and annuity insurance companies will be required to file SARs. (28)

Prior to the Act, the following financial institutions were already required to file SARs: U.S. banks and U.S. branches and agencies of non-U.S. banks, (29) U.S. subsidiaries of U.S. bank holding companies and foreign banking organizations with U.S. branches or agencies, (30) money service businesses (e.g., money transmitters, check cashers), (31) and casinos. (32)

Section 351 of the Act clarifies the existing safe harbor provision regarding the filing of an SAR.

The safe harbor provides that any financial institution, or any director, officer, employee, or agent of such financial institution, that makes, or requires another person to make, a voluntary disclosure to a government agency of any possible violation of law or regulation shall not be liable to any person for such disclosure or for failure to provide notice of such disclosure to the person who is the subject of the disclosure or any other person identified in the disclosure.

Section 314 of the Act required the Secretary to promulgate regulations to encourage further cooperation among financial institutions, their regulatory authorities, and law enforcement authorities, with the specific purpose of encouraging regulatory and law enforcement authorities to share with financial institutions information regarding individuals, entities, and organizations engaged in, or reasonably suspected based on credible evidence of engaging in, terrorism or money laundering. In this regard, Treasury has adopted separate regulations that relate to (1) the collection of information about a suspect’s accounts and transactions from financial institutions (mandatory information sharing) and (2) the sharing of information among U.S. financial institutions (voluntary information sharing).
The mandatory information sharing regulations establish procedures by which (1) a U.S. federal law enforcement agency requests that FinCEN send a blanket request to financial institutions to identify those financial institutions at which a suspect has an account or has conducted transactions; (2) upon receiving a request from FinCEN, a financial institution searches its records for accounts maintained for (generally within the past 12 months) or transactions involving (generally within the past 6 months) a named suspect; and (3) if the financial institution has a positive match, the financial institution reports that match to FinCEN. (33) The financial institution does not provide specific information to the law enforcement agency until a direct formal request is received, although the financial institution may contact the requesting law enforcement agency for clarification of the request.
The regulations also require that each financial institution designate a contact person to receive requests from FinCEN and require that requests be kept confidential.
Section 314 also allows financial institutions, and associations of financial institutions, upon notice to the Secretary, to share information regarding individuals, entities, organizations, and countries suspected of possible terrorist or money laundering activities. The provision provides a shield from liability arising under (i) any law or regulation of the United States, (ii) the law of any state, or (iii) any contract or other legally enforceable agreement for the sharing, or failure to provide notice of disclosure, of information relating to terrorist acts or money laundering activities. Treasury has promulgated voluntary information sharing regulations that permit financial institutions (or associations of financial institutions) to share information if each institution (1) is subject to an AML Program requirement (see Section IV above) or is an association of institutions all of the members of which are subject to an AML program; (2) has notified Treasury that it will generally voluntarily share information (such notice must be renewed annually); and (3) has verified that each of the other institutions or associations sharing information has also notified Treasury that it will share information. (34)

Expansion of Institutions Covered by BSA: Section 321 of the Act expanded the definition of the term “financial institution” in the BSA to include futures commission merchants, commodity trading advisors, and commodity pool operators registered, or required to be registered, under the Commodity Exchange Act. Thus, these institutions became subject to the statutory requirements of the BSA and Treasury has already made some of these institutions subject to certain regulatory requirements such as suspicious activity reporting for futures commission merchants.

120-Hour Rule: Section 319 of the Act requires U.S. financial institutions (including U.S. branches and agencies of non-U.S. banks) to provide information and account documentation for accounts opened, maintained or administered in the United States within 120 hours after receiving a request from a federal banking regulator relating to the financial institution’s anti-money laundering compliance.

Increase in Penalties for Bank Secrecy Act Violations: Section 363 of the Act permits the imposition of civil money penalties and criminal fines against financial institutions that violate the reporting and recordkeeping provisions of the BSA in an amount equal to not less than twice the amount of the transaction, but not more than $1 million. Prior law imposed penalties equal to the amount of the transaction but not more than $100,000.

Identification of Originators of Wire Transfers: Section 328 of the Act requires the Secretary, in consultation with the Attorney General and Secretary of State, to encourage foreign governments to require the name of the originator to be included in wire transfer instructions sent to the United States and other countries. In addition, the Secretary must report annually to the House Financial Services Committee and Senate Banking Committee regarding progress toward this goal.

Other Extraterritorial Jurisdiction: Section 317 of the Act contains provisions establishing “long-arm” jurisdiction over foreign money launderers if service of process is made and: (1) the person commits an offense involving a financial transaction that occurs in whole or in part in the United States; (2) the non-U.S. person converts property in which the United States has an ownership interest by virtue of a forfeiture; or (3) the non-U.S. person is a financial institution that maintains a bank account at a U.S. financial institution. Thus, for example, maintaining a single U.S. bank account would be sufficient under this provision to confer jurisdiction for U.S. money laundering prosecutions over a non-U.S. bank with no U.S. operations. Section 377 provides extraterritorial jurisdiction over financial crimes involving credit cards or other access devices issued in the United States if the offense has certain contacts with the United States.

Consideration of Anti-Money Laundering Record in Applications: Section 327 of the Act requires the FRB, with respect to any application submitted under section 3 of the Bank Holding Company Act (the “BHCA”), and any federal banking regulator, with respect to any merger application submitted under section 18(c) of the Federal Deposit Insurance Act, to take into consideration the effectiveness of the applicant in combating money laundering activities. Prior to the USA PATRIOT Act, the FRB already carefully reviewed money laundering issues in applications by non-U.S. banks under section 3 of the BHCA.

Additional Predicate Offenses for Money Laundering: Sections 315 and 376 of the Act expanded the list of predicate offenses for money laundering to include: (i) crimes of violence, including an offense that has as an element the use, attempted use, or threatened use of physical force against the person or property of another, or any other offense that is a felony and that, by its nature, involves a substantial risk that physical force against the person or property of another may be used in the course of committing the offense; (ii) bribery of a public official, or the misappropriation, theft, or embezzlement of public funds by or for the benefit of a public official; (iii) smuggling or export control violations; (iv) any offense for which the United States would be (4) obligated to extradite the alleged offender; (v) any felony violation of the Foreign Agents Registration Act; (vi) various other crimes related to falsely classified goods, unlawful importation and trafficking of firearms, and computer fraud and abuse; and (vii) providing material support or resources to foreign terrorist organizations.

Concentration Accounts: Section 325 of the Act permits the Secretary to promulgate regulations that govern the maintenance of “concentration accounts” (i.e., an account in which a bank commingles funds belonging to more than one customer) in order to ensure those accounts are not being used to prevent association of the identity of the customer with the movement of funds. The regulations, at a minimum, must (i) prohibit financial institutions from allowing customers to direct transactions that move funds into, out of, or through concentration accounts; (ii) prohibit institutions and their employees from informing customers of the existence of, or the means of identifying, concentration accounts; and (iii) require each financial institution to establish written procedures governing the documentation of all transactions involving a concentration account that ensure that, whenever funds are commingled, the identity and amount of funds belonging to each customer is documented. Treasury has not yet proposed regulations relating to concentration accounts.

Cash Smuggling: The Act established criminal liability for individuals who conceal and transport more than $10,000 knowing that the funds were derived from some form of illegal activity, or knowing that it was to be used to promote some form of unlawful activity.

The term “physical presence” means “a place of business that (i) is maintained by a non-U.S. bank; (ii) is located at a fixed address (other than solely an electronic address) in a country in which the non-U.S. bank is authorized to conduct banking activities, at which location the non-U.S. bank (I) employs one or more individuals on a full-time basis and (II) maintains operating records related to its banking activities; and (iii) is subject to inspection by the banking authority which licensed the non-U.S. bank to conduct banking activities.”

The term „interbank account“ means“ an account held by one financial institution at another financial institution primarily for the purpose of facilitating customer transactions.” The definition is similar to term “correspondent account” as defined in footnote 1. infra.

“Offshore banking license” is defined as a license “to conduct banking activities which, as a condition of the license, prohibits the licensed entity from conducting banking activities with the citizens of, or with the local currency of, the country which issued the license.”

The term “private banking account” means “an account (or any combination of accounts) that (i) requires a minimum aggregate deposit of funds or other assets of not less than $1 million; (ii) is established on behalf of one or more individuals who have a direct or beneficial ownership interest in the account; and (iii) is assigned to, or is managed by, in whole or in part, an officer, employee, or agent of a financial institution acting as a liaison between the financial institution and the direct or beneficial owner of the account.”

The statute refers to both “payable through account” (“an account, including a transaction account, opened at a depository institution by a non-U.S. financial institution by means of which the non-U.S. financial institution permits its customers to engage, either directly or through a subaccount, in banking activities usual in connection with the business of banking in the United States”) and “correspondent account” ( “an account established to receive deposits from, make payments on behalf of a non-U.S. financial institution, or handle other financial transactions related to such institution”). However, the regulatory definitions for “correspondent accounts” are substantially broad enough to cover both types of accounts and, thus, “payable through accounts” are not generally referred to separately in Treasury’s regulations. See 31 C.F.R. §103.186(a).